I've got a network set up in the house with a Windows 2003 DC, a Windows 7 Workstation and a host of VMs doing various tasks running either XP Pro, Ubuntu or FreeBSD. Ideally I would love to have domain credentials work across all machines so that I could more easily manage identities, passwords etc.

Is there a good way to implement non-windows clients on a Windows domain?

4 Answers
4

Linux has PAM. This is great for setting up all kinds of fun unusual authentication. In your case, you want something like LDAP/Kerberos, where the Win2k3 DC servers as the source. Check out this doc on how to configure PAM to authenticate using winbind.

That looks like a great option. I'll give it a go this weekend!
–
kdmurrayMay 27 '09 at 2:01

Report back how you like it. I seem to recall trying this, but not getting too far.
–
Brent May 27 '09 at 2:34

If you want to have a Windows network with some Unix hosts it's a pretty good choice, but if you want to have full Unix support then there are other problems such as that the UIDs/GIDs won't match between any Unix users you have (say in LDAP) and the Unix emulation layer which Likewise Open provides on top of AD, unless you explicitly set the UIDs in LDAP to be the same as the numbers Likewise produces for you.
–
David GardnerAug 22 '12 at 9:48

The tool you want is winbind, which comes with samba. You can use this to register a machine on a windows domain. Password authentication against the domain can be done with pam_winbind. If your users have home directories on a win2kx server you can use SFU (Services for Unix) to export them via NFS off the server or mount the directory via samba.

A description of this can be found in the Winbind HOWTO on the samba web site.